Does Data Need to Go Overseas?

Encryption in the Cloud - data overseas

  Is data security in cloud computing possible in 2014? Recent reports on NSA spying have eroded trust in US-based cloud providers.  This is especially true for non-USA-based customers that use cloud services offered by US companies.  They see using an American cloud provider as a risk because they assume their data could be accessed […]

Data Security in the Cloud: Beyond Traditional Data Center Controls

Data Security in the Cloud

Traditional data center security has used physical controls: walls, locks, “air gaps” between the servers that serve different projects, and guards at the gate, along with tools such as Firewalls and antivirus software. Encryption has been less prevalent in traditional data center settings. I recently visited with a large bank and talked with its CISO. […]

Cloud Security for AWS: Your Cloud Encryption Questions Answered

Cloud Security for AWS

Last week, at the Amazon Web Services Summit in San Francisco’s Moscone Center, we met many companies who have deployed (or will migrate) their sensitive projects to the Amazon cloud.  These companies expressed real concerns about the security of their information, and the status of continued compliance with regulations like HIPAA and PCI DSS.  Below, […]

Encryption Key Rotation: April’s Cloud Security Tip of the Month

Encryption Key Rotation

In the cloud security world, we started 2014 still reeling from NSA corruption and Target hacks.  In January, our cloud security tip was cloud encryption, which we expanded on in February to include encryption key management. In March, we explored cloud security compliance requirements and what we can all learn from them about protecting our […]

When Cloud Data Encryption is Not Enough

cloud data encryption

Your customers are concerned about the privacy of their data and you need to assure them you are doing everything to protect them. Meanwhile, cloud data requires strong security and regulations like PCI DSS and HIPAA benefit from strong encryption. So, you encrypt.  You use strong encryption methods, like AES-256.  You can now rest easy […]

PCI DSS Compliance Checklist

PCI DSS Compliance Checklist

Data security is at the top of mind for any company that handles payment card information, and for good reason. The recent hack at Target is a sadly real example of the damage hackers can cause. Dangers are not limited to hacking, they can also include employee theft or human error.  The Payment Card Industry […]

Announcing Master Key Rotation: Integrating Porticor Security with your Business Processes

Key Rotation in Cloud Security

When you create a Porticor project, you use our automated key management solution to generate strong cryptographic keys. You may have a handful of keys, perhaps one per disk, or you may use our RESTful API to generate thousands or millions of keys. All of these keys are managed for you by Porticor. A critical […]